So I have this store which reads its data from SQL tables, and there is an admin control panel (PHP) where you can edit all your listed items, categories, etc.
The problem is that I can only see this in-game and I want it to be displayed in a browser as well. I see there is a note "// Keep people out except for those in-game!" but I tried to change that check and couldn't get it to work.
How?
Here's the store code.
<?php # store
// Item-store page controller: in-game login gate, category listing, shopping cart,
// Knight Cash (KC) recharge via PayPal IPN, purchase history and cart checkout.
//
// Reading notes for this file:
//  - Every request parameter is read with the @ suppression operator; warnings for
//    missing keys are hidden rather than handled.
//  - Two database handles are used: getADB() (account/store tables) and getGDB()
//    (game tables such as ITEM and WEB_ITEMMALL).
//  - Login state for the store is kept entirely in $_SESSION (see doRun()).
if (!defined('KODEVS') || KODEVS != 1)
    die();

include(CLASS_DIR . 'PaymentGateway.class.php');
include(CLASS_DIR . 'ShoppingCart.class.php');

// Account table / column names used in the SQL built below.
define('ACCOUNT_TABLE', 'TB_USER');
define('ACCOUNT', 'strAccountID');
define('KNIGHT_CASH', 'nKnightCash');
// Names of the POST fields the game client submits, and of the matching session keys.
define('CPD_ID', 'mgid'); // mgid - account id
define('CPD_PW', 'mgmc'); // mgmc - stored in the session but never checked in this file
define('CPD_CH', 'strCharID');
define('CPD_PM', 'param');    // comma-separated list; only element [2] (max items) is used
define('CPD_MI', 'nMaxItems');
define('CPD_SI', 'nServerID');

class Page extends BasePage
{
    private $m_currentTab = 0;          // id of the category tab being shown
    private $m_categories = array();    // category id => row from STORE_CATEGORIES
    private $m_shoppingCart;            // ShoppingCart instance, created only for non-IPN requests
    private $m_settings = array();      // szKey => szValue from STORE_SETTINGS

    // Entry point: authenticates the request, loads state, dispatches on $_GET['act'].
    function doRun()
    {
        $db = $this->getADB();
        // A PayPal IPN callback is recognised purely from its parameters; it is allowed
        // through without a store session (the IPN handler validates it separately).
        $isIPN = (isset($_POST['payment_status']) && @$_GET['act'] == 'recharge' && @$_GET['subact'] == 'ipn');
        // Keep people out except for those in-game!
        // The gate works like this: when the game client POSTs its login fields, the account
        // must currently be online (CURRENTUSER) from the same IP as this HTTP request.
        // On success the session is marked as logged in and later requests only need the
        // session. A plain browser request without a session (and that is not an IPN)
        // is redirected away. Any other entry path would need an equivalent account check;
        // the rest of the page trusts $_SESSION[CPD_ID] completely.
        if (isset($_POST[CPD_ID]) && isset($_POST[CPD_PW]) && isset($_POST[CPD_PM]))
        {
            $params = explode(',', $_POST[CPD_PM]);
            if (sizeof($params) != 4)
            {
                header('Location: /');
                return;
            }
            $db->doQuery('SELECT strAccountID, strCharID, strClientIP, nServerNo FROM CURRENTUSER WHERE strAccountID = ? AND strClientIP = ?', $_POST[CPD_ID], $this->getRemoteIP());
            if ($db->hasError() || !$db->hasRows())
            {
                header('Location: /');
                return;
            }
            $row = $db->doRead();
            // Case-sensitive re-check of the account id returned by the (possibly case-insensitive) query.
            if (strcmp($_POST[CPD_ID], $row['strAccountID']) !== 0)
            {
                header('Location: /');
                return;
            }
            $_SESSION[CPD_ID] = $_POST[CPD_ID];
            $_SESSION[CPD_CH] = $row['strCharID'];
            $_SESSION[CPD_PW] = $_POST[CPD_PW];
            $_SESSION[CPD_PM] = $_POST[CPD_PM];
            $_SESSION[CPD_MI] = intval($params[2]); // free inventory slots reported by the client
            $_SESSION[CPD_SI] = $row['nServerNo'];
            $_SESSION['bStoreLoggedIn'] = true;
        }
        else if (!isset($_SESSION[CPD_ID]) && !$isIPN)
        {
            header('Location: /');
            return;
        }
        if (!$isIPN)
        {
            if ($_SESSION['bStoreLoggedIn'] == true)
            {
                // Refresh the KC balance snapshot from the account table on every page load.
                $db->doQuery('SELECT nKnightCash, strAuthority FROM ' . ACCOUNT_TABLE . ' WHERE ' . ACCOUNT . ' = ?', $_SESSION[CPD_ID]);
                $row = $db->doRead();
                $_SESSION[KNIGHT_CASH] = $row[KNIGHT_CASH];
                $_SESSION['strAuthority'] = $row['strAuthority'];
            }
            $this->m_shoppingCart = new ShoppingCart();
            $defaultTab = $this->doLoadCategories();
            if (!isset($_SESSION['nStoreActiveTab']))
            {
                $this->m_currentTab = $defaultTab;
                $_SESSION['nStoreActiveTab'] = $defaultTab;
            }
            else
            {
                $this->m_currentTab = $_SESSION['nStoreActiveTab'];
            }
        }
        $this->doLoadSettings();
        $this->setTitle('PAGE_STORE_TITLE');
        Template::SetVar('SERVER-URL', $this->config['SITE']['HOST']);
        Template::SetVar('PAYPAL-ADDRESS', $this->m_settings['bPaypalSandbox'] == 0 ? $this->m_settings['szPaypalEmail'] : $this->m_settings['szPaypalSandboxEmail']);
        Template::SetVar('PAYPAL-SANDBOX', $this->m_settings['bPaypalSandbox'] == 0 ? NULL : '.sandbox');
        Template::SetVar('CURRENCY', $this->m_settings['szCurrency']);
        Template::SetVar('CURRENCY-SIGN', $this->m_settings['szCurrencySymbol']);
        Template::SetVar('error', NULL);
        Template::SetPage('pus-main');
        if (!$isIPN)
        {
            // Tab switch is only honoured for a category id that was actually loaded.
            if (isset($_GET['tab']))
            {
                $tabID = intval($_GET['tab']);
                if (array_key_exists($tabID, $this->m_categories))
                {
                    $this->m_currentTab = $tabID;
                    $_SESSION['nStoreActiveTab'] = $tabID;
                }
            }
            // Closed store: administrators may still use it (isAdministrator() is defined in BasePage).
            if ($this->m_settings['bStoreEnabled'] == 0 && !$this->isAdministrator())
            {
                if (@$_GET['act'] == 'right')
                    Template::SetPage('pus-right');
                $this->doError('PUS_CLOSED');
                return;
            }
        }
        else
        {
            $this->doHandlePaymentNotification();
            return;
        }
        switch (@$_GET['act'])
        {
            case 'buy':
            {
                $this->doShoppingCartBuy();
            }
            break;
            case 'recharge':
            {
                // NOTE(review): the 'ipn' sub-action is unreachable here - $isIPN already
                // returned above whenever payment_status was posted; without it this
                // branch runs the handler with no payment_status at all.
                if (@$_GET['subact'] == 'ipn')
                {
                    $this->doHandlePaymentNotification();
                }
                else
                {
                    // NOTE(review): doHandlePaymentNotificationDaoPay() is not defined in this
                    // class; confirm BasePage provides it, otherwise this path is a fatal error.
                    if (@$_GET['subact'] == 'success' && @$_GET['type'] == 'daopay')
                    {
                        $this->doHandlePaymentNotificationDaoPay();
                    }
                    else
                    {
                        $this->doHandleRecharge();
                    }
                }
            }
            break;
            case 'purchases':
            {
                $this->doHandlePurchaseHistory();
            }
            break;
            case 'right':
            {
                // Side panel (cart / item detail) rendered with its own page template.
                Template::SetPage('pus-right');
                switch ($_GET['type'])
                {
                    case 'cart':
                    {
                        $this->doHandleShoppingCart();
                    }
                    break;
                    case 'detail':
                    {
                        $this->doShowSideDetails();
                    }
                    break;
                    default:
                    {
                        $this->doHandleShoppingCart();
                    }
                }
            }
            break;
            default:
            {
                $this->doShowCategory();
            }
        }
        Template::SetVar('STORE_CATEGORIES', $this->doShowCategories());
        Template::SetVar('KNIGHT_CASH', number_format(intval(@$_SESSION[KNIGHT_CASH])));
    }

    // Loads every STORE_SETTINGS row into $this->m_settings (szKey => szValue).
    function doLoadSettings()
    {
        $db = $this->getADB();
        $num_rows = $db->doQuery('SELECT szKey, szValue FROM STORE_SETTINGS');
        while ($row = $db->doRead())
            $this->m_settings[$row['szKey']] = $row['szValue'];
    }

    // Loads STORE_CATEGORIES into $this->m_categories keyed by id.
    // Returns the id of the category with the lowest nPos (the default tab), or -1 if none.
    function doLoadCategories()
    {
        $db = $this->getADB();
        $num_rows = $db->doQuery('SELECT id, nPos, szName FROM STORE_CATEGORIES ORDER BY nPos ASC');
        $lPos = -1;
        $l = -1;
        while ($row = $db->doRead())
        {
            if ($lPos == -1 || $row['nPos'] < $lPos)
            {
                $l = $row['id'];
                $lPos = $row['nPos'];
            }
            $row['szTabImage'] = 'tab_blank.gif';
            $this->m_categories[$row['id']] = $row;
        }
        return $l;
    }

    // Renders the category tab strip. The active tab gets the 'b'-suffixed image
    // (tab_blank.gif -> tab_blankb.gif) and the 'selected-tab' class.
    function doShowCategories()
    {
        $cats = '';
        foreach ($this->m_categories as $tabID => $row)
        {
            $selectedTab = NULL;
            if ($this->m_currentTab == $tabID)
            {
                $ext = explode('.', $row['szTabImage']);
                $ext = '.' . $ext[sizeof($ext) - 1];
                $row['szTabImage'] = str_replace($ext, 'b' . $ext, $row['szTabImage']);
                $selectedTab = 'selected-tab';
            }
            // Rough width estimate: 9px per byte of the name, minimum 90px (strlen is byte-wise).
            $tabWidth = strlen($row['szName']) * 9;
            if ($tabWidth < 90)
                $tabWidth = 90;
            $cats .= Template::Load('pus-category-1', array('category_id' => $tabID, 'category_name' => $row['szName'], 'selected_tab' => $selectedTab, 'tab-width' => $tabWidth, 'category_image' => $row['szTabImage']));
        }
        return $cats;
    }

    // Appends one line to ./cache/errors.txt. Not called anywhere in this file.
    private function doLog($error)
    {
        $fh = fopen('./cache/errors.txt', 'a');
        fwrite($fh, $error . "\r\n");
        fclose($fh);
    }

    // Payment-notification entry point. Looks up the pending transaction named by
    // $_GET['txid'] or $_POST['custom'], lets the provider-specific handler verify it,
    // and on success credits nKCAmount to the account stored on the transaction.
    function doHandlePaymentNotification()
    {
        $db = $this->getADB();
        $id = intval(@$_GET['txid']) == 0 ? intval(@$_POST['custom']) : intval(@$_GET['txid']);
        if ($id == 0)
            return;
        // NOTE(review): when no 'custom' field was posted, the whole query string is
        // promoted to $_POST, so the provider handlers below read GET parameters as if
        // they were the provider's POST. The KC credit therefore relies entirely on the
        // provider handler's server-side verification (PayPal::doAuthenticate) - confirm
        // it cannot be satisfied by request data alone.
        if (!isset($_POST['custom']))
            $_POST = $_GET;
        // Only transactions not already completed (3) or in a final/failed state (252-255).
        $db->doQuery (' SELECT id, strAccountID, nKCAmount, nPrice, strProvider FROM STORE_TRANSACTIONS WHERE id = ? 
AND bStatus NOT IN(3, 252, 253, 254, 255)', $id);
        if ($db->hasError() || !$db->hasRows())
            return;
        $row = $db->doRead();
        $result = false;
        switch ($row['strProvider'])
        {
            case 'PayPal':
            {
                $result = $this->doHandleNotification_PP($row);
            }
            break;
            case 'DaoPay':
            {
                // NOTE(review): the method below is declared as doHandleNotication_DP
                // (missing 'fi'); a DaoPay transaction reaching this line calls an undefined
                // method. It also has no return statement, so it would yield NULL, not false.
                $result = $this->doHandleNotification_DP($row);
            }
            break;
        }
        if ($result)
        {
            $user_row = $row;
            // nKCAmount is interpolated into the SQL; it comes from the STORE_TRANSACTIONS row
            // read above, not from the request.
            $db->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET ' . KNIGHT_CASH . ' = ' . KNIGHT_CASH . ' + ' . $user_row['nKCAmount'] . ' WHERE ' . ACCOUNT . ' = ?', $user_row['strAccountID']);
        }
    }

    // PayPal IPN verification for one transaction row.
    // Returns true only when PayPal answers VERIFIED and payment_status is Completed.
    function doHandleNotification_PP($row)
    {
        $db = $this->getADB();
        if (!isset($_POST['txn_id']))
            return false;
        // Reject a txn_id that has already been recorded in a final state (replay guard).
        $db->doQuery('SELECT strAccountID, txn_id, bStatus, nKCAmount FROM STORE_TRANSACTIONS WHERE txn_id = ? AND bStatus IN(252, 253, 254, 255)', $_POST['txn_id']);
        if ($db->hasError() || $db->hasRows())
            return false;
        $r = $db->doRead(); // always empty here (hasRows() was false); only used by the commented-out refund code
        $pIPN = new PayPal($this->m_settings['szPaypalEmail'], $this->getADB(), $this->m_settings['bPaypalSandbox']);
        $result = NULL;
        if (($result = $pIPN->doAuthenticate()) === false)
        {
            unset($pIPN);
            return false;
        }
        $pIPN->doDisconnect();
        if ($result == 'INVALID')
        {
            unset($pIPN);
            return false;
        }
        // NOTE(review): $validPrice (posted payment_gross vs. stored nPrice) is only passed
        // to doUpdateTable(); the return value below does not depend on it. Confirm that
        // PaymentGateway marks a mismatched amount so the caller does not credit KC for it.
        $validPrice = ($_POST['payment_gross'] == $row['nPrice']);
        $pIPN->doUpdateTable($validPrice);
        unset($pIPN);
        if ($result == 'VERIFIED' && $_POST['payment_status'] == 'Completed')
            return true;
        // else if ($result == 'VERIFIED' && $_POST['payment_status'] == 'Refunded')
        // $db->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET ' . KNIGHT_CASH . ' = ' . KNIGHT_CASH . ' - ? WHERE ' . ACCOUNT . ' = ?', $r['nKCAmount'], $r['strAccountID']);
        return false;
    }

    // DaoPay handler stub. Name is misspelled relative to the call site in
    // doHandlePaymentNotification() (doHandleNotification_DP) and it returns nothing.
    function doHandleNotication_DP($row)
    {
        $db = $this->getADB();
        //if (!isset($_GET['some ID']))
        // return false;
    }

    // Renders the 64 most recent STORE_PURCHASES rows for the logged-in account.
    function doHandlePurchaseHistory()
    {
        $db = $this->getADB();
        $db->doQuery('SELECT TOP 64 id, purchaseTime, strClientIP, strAccountID, strCharID, strItems, strQuantities, nCost FROM STORE_PURCHASES WHERE strAccountID = ? 
ORDER BY id DESC', $_SESSION[CPD_ID]);
        $purchases = '';
        $i = 0;
        $purchaseRows = array();
        while ($row = $db->doRead())
            $purchaseRows[] = $row;
        $content = '';
        foreach ($purchaseRows as $row)
        {
            // strItems / strQuantities are the comma-joined lists written by doShoppingCartBuy().
            $strPackages = explode(',', $row['strItems']);
            $strQuantities = explode(',', $row['strQuantities']);
            $content = '';
            $price = 0;
            $n = 0;
            foreach ($strPackages as $id)
            {
                $info = $this->getPackageInfo($id);
                if ($info == -1)
                    continue;
                $quantity = $strQuantities[$n++];
                if (sizeof($info[1]) > 1) // multiple items
                {
                    $items_tmp = '';
                    foreach ($info[1] as $item)
                    {
                        $item = $this->getItemInfo($item);
                        if ($item == -1)
                            continue;
                        $items_tmp .= Template::Load('pus-purchases-item-package-item', array (
                            'ITEM-NAME' => $item['nQuantity'] . ' x ' . @$item['strName'] . (@$item['Countable'] == 1 ? '(' . $item['Duration'] . ')' : NULL),
                            'ITEM-ICON' => $this->GetIconID($item['Num']),
                            'ITEM-PRICE' => number_format($info[0]['nCost']),
                        ));
                    }
                    // The displayed row price sums the unit cost once per package, not cost x quantity.
                    $price += $info[0]['nCost'];
                    $content .= Template::Load('pus-purchases-item-package', array (
                        'PACKAGE-QUANTITY' => $quantity,
                        'PACKAGE-NAME' => @$info[0]['strName'],
                        'PACKAGE-ID' => ($i + 1),
                        'PACKAGE-ITEMS' => $items_tmp,
                        'PACKAGE-PRICE' => number_format($info[0]['nCost'])
                    ));
                }
                else
                {
                    $item = $this->getItemInfo($info[1][0]);
                    $price += $info[0]['nCost'];
                    $content .= Template::Load('pus-purchases-item-item', array (
                        'ITEM-ICON' => $this->GetIconID($item['Num']),
                        'ITEM-QUANTITY' => $quantity,
                        'ITEM-NAME' => @$info[0]['strName'],
                        'ITEM-ID' => ($i + 1),
                        'ITEM-PRICE' => number_format($info[0]['nCost']),
                    ));
                }
            }
            $row['i'] = ($i += 4);
            $purchases .= Template::Load('pus-purchases-row', array_merge($row, array('content' => $content, 'price' => number_format($price))));
        }
        $this->loadTPL('pus-purchases-main', array('purchases' => $purchases, 'total' => sizeof($purchaseRows)));
    }

    // KC recharge flow, dispatched on $_GET['subact']:
    //   process - create a STORE_TRANSACTIONS row for the chosen STORE_KC_OPTIONS item and redirect to PayPal
    //   forum   - attach a forum username to an existing transaction, then redirect to PayPal
    //   success - return page from the provider; reports the transaction's current bStatus
    //   cancel  - delete a not-yet-completed transaction of this account
    // Falls through to render the recharge page with options and recent transactions.
    function doHandleRecharge()
    {
        $db = $this->getADB();
        switch (@$_GET['subact'])
        {
            case 'process':
            {
                $id = intval(@$_POST['item']);
                if ($id > 0)
                {
                    $db->doQuery('SELECT id, strName, nKCAmount, nPrice 
FROM STORE_KC_OPTIONS WHERE id = ?', $id);
                    if ($db->hasError())
                    {
                        $this->doError('DB_ERROR');
                        return;
                    }
                    else if (!$db->hasRows())
                    {
                        $this->doError('PUS_NO_KC_OPTIONS'); // Not quite but we'll live with hackers getting a bad message
                        return;
                    }
                    $optionData = $db->doRead();
                    if (@$_POST['paypal'] == 1) // gotta re-do this
                    {
                        $provider = 'PayPal';
                    }
                    else
                    {
                        $this->doError('PUS_NO_KC_OPTIONS');
                        return;
                    }
                    // The amount and price stored here are what the IPN handler later checks against.
                    $db->doQuery('INSERT INTO STORE_TRANSACTIONS (strAccountID, strClientIP, strCharID, nKCPackage, nKCAmount, nPrice, strProvider, bStatus) VALUES (?, ?, ?, ?, ?, ?, ?, ?)', $_SESSION[CPD_ID], $this->getRemoteIP(), $_SESSION[CPD_CH], $id, $optionData['nKCAmount'], $optionData['nPrice'], $provider, TS_PREPURCHASE);
                    if ($db->hasError())
                    {
                        $this->doError('DB_ERROR');
                        return;
                    }
                    // NOTE(review): the new row's id is recovered as "latest row for this account",
                    // not from the insert itself; two concurrent inserts for one account could
                    // pick up each other's id.
                    $num_rows = $db->doQuery('SELECT TOP 1 id FROM STORE_TRANSACTIONS WHERE strAccountID = ? ORDER BY id DESC', $_SESSION[CPD_ID]);
                    $row = $db->doRead();
                    if ($this->m_settings['bUseForumUsername'] == TRUE)
                    {
                        $this->loadTPL('pus-recharge-forum', array('id' => $row['id'], 'id2' => $id, 'provider' => $provider));
                        return;
                    }
                    $optionData['transaction-id'] = $row['id'];
                    $optionData['strName'] .= ' (non-refundable virtual item)';
                    switch ($provider)
                    {
                        case 'PayPal':
                            $this->loadTPL('pus-recharge-ppredirect', $optionData);
                            break;
                    }
                    return;
                }
            }
            break;
            case 'forum':
            {
                $id = @$_POST['id'];
                $id2 = @$_POST['id2'];
                $provider = @$_POST['provider'];
                $forum_name = @$_POST['account'];
                if ($forum_name == NULL || $id == NULL || $id2 == NULL || $provider == NULL || $provider != 'PayPal') // limit it to paypal for now anyway -_-
                {
                    $this->doError('DB_ERROR');
                    return;
                }
                // NOTE(review): the option shown to PayPal ($id2) is taken from the form, not from
                // the transaction $id created in 'process'; the two are never cross-checked here.
                // The stored nPrice on the transaction is what the IPN handler compares against.
                $db->doQuery('SELECT id, strName, nKCAmount, nPrice FROM STORE_KC_OPTIONS WHERE id = ?', $id2);
                if ($db->hasError())
                {
                    $this->doError('DB_ERROR');
                    return;
                }
                else if (!$db->hasRows())
                {
                    $this->doError('PUS_NO_KC_OPTIONS'); // Not quite but we'll live with hackers getting a bad message
                    return;
                }
                $optionData = $db->doRead();
                $db->doQuery('SELECT TOP 1 id FROM 
STORE_TRANSACTIONS WHERE strAccountID = ? AND id = ?', $_SESSION[CPD_ID], $id);
                if ($db->hasError() || !$db->hasRows())
                {
                    $this->doError('DB_ERROR');
                    return;
                }
                $row = $db->doRead();
                $optionData['transaction-id'] = $row['id'];
                $optionData['strName'] .= ' (non-refundable virtual item)';
                $db->doQuery('UPDATE STORE_TRANSACTIONS SET forum_username = ? WHERE strAccountID = ? AND id = ?', $forum_name, $_SESSION[CPD_ID], $id);
                switch ($provider)
                {
                    case 'PayPal':
                        $this->loadTPL('pus-recharge-ppredirect', $optionData);
                        break;
                }
                return;
            }
            break;
            case 'success':
            {
                $id = intval(@$_GET['id']);
                if ($id > 0)
                {
                    // A PDT-style return that carries payment_status is processed immediately
                    // rather than waiting for the asynchronous IPN.
                    if (isset($_SESSION[CPD_ID]) && isset($_POST['payment_status'])) // Cut to the chase before IPN!
                        $this->doHandlePaymentNotification();
                    $db->doQuery('SELECT id, bStatus FROM STORE_TRANSACTIONS WHERE id = ? AND strAccountID = ?', $id, $_SESSION[CPD_ID]);
                    if ($db->hasError())
                    {
                        $this->doError('DB_ERROR');
                        return;
                    }
                    else if ($db->hasRows())
                    {
                        $row = $db->doRead();
                        if ($row['bStatus'] == 3)
                            $this->doError('PUS_PAYMENT_COMPLETED', NULL);
                        else
                            $this->doError('PUS_PAYMENT_BEING_PROCESSED', NULL);
                        return;
                    }
                }
            }
            break;
            case 'cancel':
            {
                $id = intval(@$_GET['id']);
                if ($id > 0)
                {
                    // Only this account's own, non-completed transactions can be deleted.
                    $db->doQuery('SELECT id FROM STORE_TRANSACTIONS WHERE id = ? AND strAccountID = ? 
AND bStatus <> 3', $id, $_SESSION[CPD_ID]);
                    if ($db->hasError())
                    {
                        $this->doError('DB_ERROR');
                        return;
                    }
                    else if ($db->hasRows())
                    {
                        $db->doQuery('DELETE FROM STORE_TRANSACTIONS WHERE id = ?', $id);
                    }
                }
            }
            break;
        }
        $transactions = $this->doLoadRecentTransactions();
        $db->doQuery('SELECT id, strName, nKCAmount, nPrice FROM STORE_KC_OPTIONS ORDER BY nKCAmount DESC');
        if ($db->hasError())
        {
            $this->doError('DB_ERROR');
            return;
        }
        else if (!$db->hasRows())
        {
            $this->doError('PUS_NO_KC_OPTIONS');
            return;
        }
        $content = '';
        while ($row = $db->doRead())
        {
            $row['nPrice'] = number_format($row['nPrice'], 2);
            $content .= Template::Load('pus-recharge-option', $row);
        }
        $this->loadTPL('pus-recharge-main', array('transactions' => $transactions, 'options' => $content));
    }

    // Renders the 18 most recent transactions (with a payment_status) for this account.
    // Returns the rendered table, or NULL when there are none or the query failed.
    function doLoadRecentTransactions()
    {
        $db = $this->getADB();
        $db->doQuery('SELECT TOP 18 dDate, strName, STORE_KC_OPTIONS.nPrice, strProvider, bStatus, payment_processed, payment_status, txn_id, payer_email, pending_reason, payment_type FROM STORE_TRANSACTIONS INNER JOIN STORE_KC_OPTIONS ON nKCPackage = STORE_KC_OPTIONS.id WHERE strAccountID = ? 
AND payment_status IS NOT NULL ORDER BY STORE_TRANSACTIONS.id DESC', $_SESSION[CPD_ID]);
        if ($db->hasError() || !$db->hasRows())
            return NULL;
        $transactions = '';
        while ($row = $db->doRead())
        {
            // Keep only the date part of the timestamps ("YYYY-MM-DD HH:MM" -> "YYYY-MM-DD").
            $date = explode(' ', $row['dDate']);
            $row['dDate'] = $date[0];
            $date = explode(' ', $row['payment_processed']);
            if (sizeof($date) > 1)
                $row['payment_processed'] = $date[0];
            if ($row['payment_status'] != 'Completed')
                $row['payment_processed'] = 'N/A';
            $transactions .= Template::Load('pus-transactions-row', $row);
        }
        return Template::Load('pus-transactions-table', array('transactions' => $transactions));
    }

    // Renders the item grid for the current category tab, 9 items per page ($_GET['p']).
    function doShowCategory()
    {
        $db = $this->getADB();
        $gdb = $this->getGDB();
        $num_rows = $db->doQuery('SELECT STORE_LISTED_ITEMS.id, nListedItemID, szPackageName, nStoreItemID, nCost, nSpecialType, nQuantity, nValue, nMaxQty, (SELECT COUNT(*) FROM STORE_ITEM_DATA WHERE nListedItemID = STORE_LISTED_ITEMS.id) as nPackageItems FROM STORE_LISTED_ITEMS INNER JOIN STORE_ITEM_DATA ON nStoreItemID = STORE_ITEM_DATA.id WHERE nCategory = ? ORDER BY nCost DESC', $this->m_currentTab);
        if ($db->hasError())
        {
            $this->doError('DB_ERROR');
            return;
        }
        else if (!$db->hasRows())
        {
            $this->doError('PUS_NO_ITEMS');
            return;
        }
        $data = array();
        $itemCount = $num_rows;
        $pageCount = ceil($num_rows / 9);
        // Out-of-range or missing page numbers fall back to page 1.
        $page = intval(@$_GET['p']) == 0 ? 1 : (intval($_GET['p']) > $pageCount ? 1 : intval($_GET['p']));
        $pageStart = ((9 * $page) - 9);
        if ($pageStart > $itemCount)
            $pageStart = 0;
        $rows = array();
        while ($row = $db->doRead())
            $rows[] = $row;
        $itemCount = sizeof($rows) - $pageStart;
        $pages = '';
        for ($i = 1; $i <= $pageCount; $i++)
        {
            if ($i == $page)
                $pages .= Template::Load('pus-pageno-link-none', array('id' => $i));
            else
                $pages .= Template::Load('pus-pageno-link', array('id' => $i));
        }
        Template::SetVar('page-no', $pages); // $page . ' / ' . $pageCount
        $n = 0;
        // Fills slots store-item-0 .. store-item-9. Note the loop visits 10 indexes while
        // the paging above is 9 wide; empty slots are set to NULL.
        for ($i = $pageStart; $i < ($pageStart + 10); $i++)
        {
            $id = 'store-item-' . $n;
            if (($n+1) > $itemCount)
            {
                $data[$id] = NULL;
                $n++;
                continue;
            }
            $row = $rows[$i];
            if ($row['nSpecialType'] == 0)
            {
                $gdb->doQuery('SELECT Num, strName, Countable, Duration FROM ITEM WHERE Num = ?', $row['nValue']);
                if ($gdb->hasError())
                {
                    $this->doError('DB_ERROR');
                    return;
                }
                else if (!$gdb->hasRows())
                {
                    // Listed item with no ITEM row is skipped; the assignments after
                    // 'continue' are unreachable.
                    $itemCount--;
                    continue;
                    $row['Num'] = $row['nValue'];
                    $row['strName'] = $row['szPackageName'];
                    $row['Num'] = $row['nValue'];
                }
                else
                {
                    $row2 = $gdb->doRead();
                    $row['Num'] = $row2['Num'];
                    // A single-space package name means "use the game item's name".
                    $row['strName'] = $row['szPackageName'] != ' ' ? $row['szPackageName'] : @$row2['strName'];
                    $row['Num'] = $row2['Num'];
                    if ($row2['Countable'] == 1)
                    {
                        $row['nQuantity'] = $row2['Duration'];
                    }
                }
            }
            else if ($row['nSpecialType'] == 3) // Premium
            {
                $row['Num'] = $row['nListedItemID'];
                $row['strName'] = $row['szPackageName'];
                $row['Num'] = $row['nValue'];
            }
            else
            {
                $itemCount--;
                continue;
            }
            $data[$id] = Template::Load('pus-item', array (
                'ITEM-ID' => $row['id'],
                'ITEM-NAME' => @$row['strName'],
                'ITEM-TYPE' => $this->getSpecialType($row['nSpecialType']),
                'ITEM-PRICE' => number_format(intval($row['nCost'])),
                'ITEM-QTY' => ($row['nPackageItems'] > 1 ? 1 : number_format($row['nQuantity'])),
                'ITEM-MAXQTY' => $row['nMaxQty'],
                'ITEM-ICON' => $this->GetIconID($row['Num'])
            )
            );
            $n++;
        }
        if ($itemCount == 0)
        {
            $this->doError('PUS_NO_ITEMS');
            return;
        }
        $this->loadTPL('pus-item-category', $data);
    }

    // Renders the side-panel detail view for listed item $_GET['id'].
    // Falls back to the "popular" panel when the id does not exist.
    function doShowSideDetails()
    {
        $adb = $this->getADB();
        $gdb = $this->getGDB();
        $id = intval($_GET['id']);
        if ($id == 0)
        {
            $this->doError('PUS_ITEM_NOT_FOUND');
            return;
        }
        $adb->doQuery('SELECT STORE_LISTED_ITEMS.id, nListedItemID, szPackageName, szPackageDescription, szItemDuration, nStoreItemID, nCost, nSpecialType, nMaxQty, nQuantity, nValue FROM STORE_LISTED_ITEMS INNER JOIN STORE_ITEM_DATA ON nStoreItemID = STORE_ITEM_DATA.id WHERE STORE_LISTED_ITEMS.id = ?', $id);
        if ($adb->hasError())
        {
            $this->doError('DB_ERROR');
            return;
        }
        else if (!$adb->hasRows())
        {
            $this->doShowSidePopular();
            return;
        }
        $row = $adb->doRead();
        $package = $row;
        $adb->doQuery('SELECT id, nListedItemID, nSpecialType, nQuantity, nValue, nPremiumDays FROM STORE_ITEM_DATA WHERE nListedItemID = ?', $id);
        if ($adb->hasError())
        {
            $this->doError('DB_ERROR');
            return;
        }
        else if (!$adb->hasRows())
        {
            $this->doError('PUS_INVALID_PACKAGE');
            return;
        }
        $items = array(); // collected but not used by the template below
        while ($row = $adb->doRead())
            $items[] = $row;
        if ($package['nSpecialType'] == 0)
        {
            $gdb->doQuery('SELECT Num, strName, Duration, Countable FROM ITEM WHERE Num = ?', $package['nValue']);
            if ($gdb->hasError())
            {
                $this->doError('DB_ERROR');
                return;
            }
            else if (!$gdb->hasRows())
            {
                $this->doError('PUS_ITEM_NOT_FOUND');
                return;
            }
            $row = $gdb->doRead();
            $package = array_merge($package, $row);
            $package['strName'] = ($package['szPackageName'] != ' ' ? $package['szPackageName'] : @$package['strName']);
        }
        else
        {
            $package['Num'] = $package['nValue'];
            $package['strName'] = $package['szPackageName'];
            $package['Num'] = $package['nValue'];
        }
        // szItemDuration / szPackageDescription use a single space as "not set".
        $this->loadTPL('pus-right-item', array (
            'item-id' => @$package['Num'],
            'item-name' => @$package['strName'],
            'item-price' => number_format(intval($package['nCost'])),
            'item-qty' => @$package['Countable'] == 1 ? number_format($package['Duration']) : $package['nQuantity'],
            'item-duration' => $package['szItemDuration'] == ' ' ? 'N/A' : $package['szItemDuration'],
            'item-description' => $package['szPackageDescription'] == ' ' ? 'N/A' : $package['szPackageDescription'],
            'item-icon' => $this->GetIconID($package['Num'])
        ));
    }

    // Default side panel.
    function doShowSidePopular()
    {
        $this->loadTPL('pus-right-popular');
    }

    // Side-panel cart dispatcher on $_GET['subact']: add / del / view (default).
    function doHandleShoppingCart()
    {
        switch (@$_GET['subact'])
        {
            case 'add':
            {
                $this->doShoppingCartAdd();
            }
            break;
            case 'del':
            {
                $this->doShoppingCartDel();
            }
            break;
            default:
            {
                $this->doShoppingCartView();
            }
        }
    }

    // Renders the cart contents plus a footer with total, current KC and KC after purchase.
    function doShoppingCartView()
    {
        $content = '';
        for ($i = 0; $i < $this->m_shoppingCart->getCount(); $i++)
        {
            $info = $this->getPackageInfo($this->m_shoppingCart->getItemID($i));
            if ($info == -1)
                continue;
            if (sizeof($info[1]) > 1) // multiple items
            {
                $items_tmp = '';
                foreach ($info[1] as $item)
                {
                    $item = $this->getItemInfo($item);
                    if ($item == -1)
                        continue;
                    $items_tmp .= Template::Load('pus-cart-item-package-item', array (
                        'ITEM-NAME' => $item['nQuantity'] . ' x ' . @$item['strName'] . (@$item['Countable'] == 1 ? '(' . $item['Duration'] . ')' : NULL),
                        'ITEM-ICON' => $this->GetIconID($item['Num']),
                        'ITEM-PRICE' => number_format($this->m_shoppingCart->getItemPrice($i)),
                    ));
                }
                $content .= Template::Load('pus-cart-item-package', array (
                    'PACKAGE-QUANTITY' => $this->m_shoppingCart->getItemQuantity($i),
                    'PACKAGE-NAME' => @$info[0]['strName'],
                    'PACKAGE-ID' => ($i + 1),
                    'PACKAGE-ITEMS' => $items_tmp,
                    'PACKAGE-PRICE' => number_format($this->m_shoppingCart->getItemPrice($i))
                ));
            }
            else
            {
                $item = $this->getItemInfo($info[1][0]);
                $content .= Template::Load('pus-cart-item-item', array (
                    'ITEM-ICON' => $this->GetIconID($item['Num']),
                    'ITEM-QUANTITY' => $this->m_shoppingCart->getItemQuantity($i),
                    'ITEM-NAME' => @$info[0]['strName'],
                    'ITEM-ID' => ($i + 1),
                    'ITEM-PRICE' => number_format($this->m_shoppingCart->getItemPrice($i)),
                ));
            }
        }
        if ($this->m_shoppingCart->getCount() > 0)
            $content .= Template::Load('pus-cart-footer', array (
                'CART-TOTAL' => number_format($this->m_shoppingCart->getTotalCost()),
                'KNIGHT-CASH' => number_format(intval(@$_SESSION[KNIGHT_CASH])),
                'CART-AFTERKC' => number_format($_SESSION[KNIGHT_CASH] - $this->m_shoppingCart->getTotalCost()),
            ));
        else
            $content .= Template::Load('pus-cart-footer-none');
        $this->loadTPL('pus-cart-main', array (
            'ITEM-COUNT' => $this->m_shoppingCart->getTotalItems(),
            'SLOTS-FREE' => $_SESSION[CPD_MI],
            'CART-CONTENT' => $content
        ));
    }

    // Loads a listed package and its STORE_ITEM_DATA rows.
    // Returns array($package, $items), -1 when the package does not exist.
    // NOTE(review): the later failure paths use a bare 'return' (NULL), and callers only
    // test '$info == -1'; NULL == -1 is false, so those callers go on to index NULL.
    function getPackageInfo($id)
    {
        $adb = $this->getADB();
        $gdb = $this->getGDB();
        $adb->doQuery('SELECT STORE_LISTED_ITEMS.id, nListedItemID, szPackageName, nStoreItemID, nCost, nSpecialType, nQuantity, nValue, (SELECT SUM(nQuantity) FROM STORE_ITEM_DATA WHERE nListedItemID = STORE_LISTED_ITEMS.id AND nSpecialType = 0) as nTotalItems FROM STORE_LISTED_ITEMS INNER JOIN STORE_ITEM_DATA ON nStoreItemID = STORE_ITEM_DATA.id WHERE STORE_LISTED_ITEMS.id = ?', $id);
        if ($adb->hasError() || !$adb->hasRows())
        {
            $this->doError('DB_ERROR');
            return -1;
        }
        $row = $adb->doRead();
        $package = $row;
        $adb->doQuery('SELECT id, nListedItemID, nSpecialType, 
nQuantity, nValue, nPremiumDays FROM STORE_ITEM_DATA WHERE nListedItemID = ?', $id);
        if ($adb->hasError())
        {
            $this->doError('DB_ERROR');
            return;
        }
        else if (!$adb->hasRows())
        {
            $this->doError('PUS_INVALID_PACKAGE');
            return;
        }
        $items = array();
        while ($row = $adb->doRead())
            $items[] = $row;
        if ($package['nSpecialType'] == 0)
        {
            $gdb->doQuery('SELECT Num, strName, Duration, Countable FROM ITEM WHERE Num = ?', $package['nValue']);
            if ($gdb->hasError())
            {
                $this->doError('DB_ERROR');
                return;
            }
            else if (!$gdb->hasRows())
            {
                $this->doError('PUS_INVALID_PACKAGE');
                return;
            }
            $row = $gdb->doRead();
            $package = array_merge($package, $row);
            $package['strName'] = ($package['szPackageName'] != ' ' ? $package['szPackageName'] : @$package['strName']);
        }
        else
        {
            $package['Num'] = $package['nValue'];
            $package['strName'] = $package['szPackageName'];
            $package['Num'] = $package['nValue'];
        }
        return array($package, $items);
    }

    // Resolves one STORE_ITEM_DATA row to display data.
    // Type 0 merges in the ITEM row for nValue; type 3 (premium) builds a name from
    // nPremiumDays. Returns -1 when the item cannot be resolved.
    function getItemInfo($row)
    {
        $db = $this->getGDB();
        $nSpecialType = $row['nSpecialType'];
        if ($nSpecialType == 0)
        {
            $db->doQuery('SELECT Num, strName, Duration, Countable FROM ITEM WHERE Num = ?', $row['nValue']);
            if ($db->hasError())
            {
                $this->doError('DB_ERROR');
                return -1;
            }
            else if ($db->hasRows())
            {
                $newRow = $db->doRead();
                return array_merge($newRow, $row);
            }
        }
        else if ($nSpecialType == 3)
        {
            // Duplicate 'Num' key: the second entry wins in a PHP array literal.
            return array('strName' => $row['nPremiumDays'] . Template::GetLangVar('PUS_DAYS_OF_PREMIUM_SERVICE'), 'Num' => $row['nValue'], 'Num' => $row['nValue']);
        }
        return -1;
    }

    // Maps an item number to the icon file name stem "X_XXXX_XX_X" if that icon exists,
    // otherwise falls back to the icon for '0'.
    // NOTE(review): the fallback recurses with '0'; if itemicon_0_0000_00_0.jpg is missing
    // this never terminates.
    function GetIconID($id)
    {
        if ($id == '0')
            $id = str_pad($id, 8, '0');
        $result = @substr($id, 0, 1) . '_' . @substr($id, 1, 4) . '_' . @substr($id, 5, 2) . '_' . @substr($id, 7, 1);
        $test = './themes/default/images/itemicons/itemicon_' . $result . '.jpg';
        if (file_exists($test))
            return $result;
        return $this->GetIconID('0');
    }

    // Adds listed item $_GET['id'] (quantity $_GET['qty']) to the cart, enforcing free
    // inventory slots, per-item nMaxQty and the session KC snapshot, then re-renders the cart.
    function doShoppingCartAdd()
    {
        $adb = $this->getADB();
        $gdb = $this->getGDB();
        $id = intval(@$_GET['id']);
        // NOTE(review): when intval() is non-zero the RAW query-string value is kept, so
        // $qty may be negative or non-integer and still pass the checks below (a negative
        // value makes the cost and slot checks trivially succeed). Normalising it, e.g.
        // $qty = max(1, intval(@$_GET['qty'])), would close that.
        $qty = intval(@$_GET['qty']) == 0 ? 1 : $_GET['qty'];
        if ($id == 0)
        {
            Template::SetVar('error', Template::GetLangVar('PUS_ITEM_NOT_FOUND'));
        }
        else
        {
            $adb->doQuery('SELECT STORE_LISTED_ITEMS.id, nListedItemID, szPackageName, nStoreItemID, nCost, nValue, nQuantity, nMaxQty, nPremiumDays, (SELECT COUNT(*) FROM STORE_ITEM_DATA WHERE nListedItemID = STORE_LISTED_ITEMS.id) as nPackageItems, (SELECT SUM(nQuantity) FROM STORE_ITEM_DATA WHERE nListedItemID = STORE_LISTED_ITEMS.id AND nSpecialType = 0) as nTotalQuantity, nSpecialType FROM STORE_LISTED_ITEMS INNER JOIN STORE_ITEM_DATA ON nStoreItemID = STORE_ITEM_DATA.id WHERE STORE_LISTED_ITEMS.id = ?', $id);
            if ($adb->hasError())
            {
                $this->doError('DB_ERROR');
                return;
            }
            else if (!$adb->hasRows())
            {
                Template::SetVar('error', Template::GetLangVar('PUS_ITEM_NOT_FOUND'));
                return;
            }
            $row = $adb->doRead();
            $nQuantity = $row['nQuantity'];
            $bStackable = false;
            $nStack = 1;
            if ($row['nSpecialType'] == 0)
            {
                // Countable game items stack up to their Duration value.
                $gdb->doQuery('SELECT Countable, Duration FROM ITEM WHERE Num = ?', $row['nValue']);
                if ($gdb->hasError())
                {
                    $this->doError('DB_ERROR');
                    return;
                }
                $row2 = $gdb->doRead();
                if ($row2['Countable'] == 1)
                {
                    $bStackable = true;
                    $nStack = $row2['Duration'];
                }
            }
            $total_items = $this->m_shoppingCart->getTotalItems();
            $nPackageItems = $row['nPackageItems'];
            $nAvailableSlots = $_SESSION[CPD_MI]; // free slots as reported by the client at login
            $overboard = false;
            if (($total_items + ($nPackageItems * $qty)) > $nAvailableSlots)
                $overboard = true;
            if ($nPackageItems == 1 && $row['nSpecialType'] == 3) // exception to the rule
                $overboard = false;
            if ($overboard == true)
            {
                Template::SetVar('error', Template::GetLangVar('PUS_ADD_MORE_THAN_AVAILABLE'));
            }
            else
            {
                $nMaxQty = $row['nMaxQty'];
                $item = $this->m_shoppingCart->findItem($id);
                $curQty = ($item != -1 ? $this->m_shoppingCart->getItemQuantity($item) : 0);
                if (($qty + $curQty) > $nMaxQty)
                    Template::SetVar('error', Template::GetLangVar('PUS_ADD_TOO_MANY', array('arg0' => $nMaxQty)));
                // Not enough KC for the requested quantity: add as many as the balance allows.
                else if (($this->m_shoppingCart->getTotalCost() + ($row['nCost'] * $qty)) > $_SESSION[KNIGHT_CASH] && $qty > 1)
                {
                    $oldQty = $qty;
                    $qty = floor(($_SESSION[KNIGHT_CASH] - $this->m_shoppingCart->getTotalCost()) / $row['nCost']);
                    if ($qty > 0)
                    {
                        Template::SetVar('error', Template::GetLangVar('PUS_ADD_TOO_MANY_SUBSTITUTE', array('arg0' => $oldQty, 'arg1' => $qty)));
                        $this->m_shoppingCart->addItem($row['nListedItemID'], $row['nCost'], $this->getSpecialType($row['nSpecialType']), $row['nPackageItems'], $qty, $row['nTotalQuantity'], $bStackable, $nStack);
                    }
                    else
                    {
                        Template::SetVar('error', Template::GetLangVar('PUS_NEED_KC'));
                    }
                }
                else if ($qty == 0 || ($this->m_shoppingCart->getTotalCost() + ($row['nCost'] * $qty)) > $_SESSION[KNIGHT_CASH])
                {
                    if ($this->m_shoppingCart->getTotalCost() > 0)
                        Template::SetVar('error', Template::GetLangVar('PUS_NEED_KC_CART'));
                    else
                        Template::SetVar('error', Template::GetLangVar('PUS_NEED_KC'));
                }
                else
                {
                    $this->m_shoppingCart->addItem($row['nListedItemID'], $row['nCost'], $this->getSpecialType($row['nSpecialType']), $row['nPackageItems'], $qty, $row['nTotalQuantity'], $bStackable, $nStack);
                }
            }
        }
        $this->doShoppingCartView();
    }

    // Removes $_GET['qty'] of cart slot $_GET['id'] (1-based in the URL, 0-based in the cart).
    // NOTE(review): getItemID() is called before the '$id < 0' check, and $qty keeps the raw
    // query-string value whenever intval() is non-zero (same pattern as doShoppingCartAdd()).
    function doShoppingCartDel()
    {
        $id = intval(@$_GET['id']) - 1;
        $qty = intval(@$_GET['qty']) == 0 ? 1 : @$_GET['qty'];
        $item = $this->m_shoppingCart->getItemID($id);
        if ($id < 0 || $item == -1)
        {
            $this->doError('PUS_ITEM_NOT_FOUND');
            return;
        }
        $this->m_shoppingCart->delItem($id, $qty);
        $this->doShoppingCartView();
    }

    // Checkout: grants every cart package (premium -> account premium fields or
    // PREMIUM_SERVICE, items -> WEB_ITEMMALL + log), records a STORE_PURCHASES row and
    // debits KC. The balance check uses the $_SESSION[KNIGHT_CASH] snapshot taken in doRun().
    // NOTE(review): the steps are not wrapped in a DB transaction and items are granted
    // before the debit; a DB error mid-loop returns after some items were already inserted
    // and before KC is deducted. The final UPDATE also has no "balance >= cost" condition.
    function doShoppingCartBuy()
    {
        $adb = $this->getADB();
        $gdb = $this->getGDB();
        if ($this->m_shoppingCart->getCount() == 0)
        {
            $this->doError('PUS_BUY_NO_ITEMS');
            return;
        }
        else if ($_SESSION[KNIGHT_CASH] < $this->m_shoppingCart->getTotalCost())
        {
            $this->doError('PUS_BUY_NEED_KC');
            return;
        }
        $cart = $this->m_shoppingCart;
        $packages = '';
        $quantities = '';
        for ($i = 0; $i < $this->m_shoppingCart->getCount(); $i++)
        {
            $pInfo = $this->getPackageInfo($cart->getItemID($i));
            if ($pInfo == -1)
                continue;
            $packages .= $pInfo[0]['id'] . ',';
            $quantity = $this->m_shoppingCart->getItemQuantity($i);
            $quantities .= $quantity . ',';
            for ($n = 0; $n < $quantity; $n++)
            {
                foreach ($pInfo[1] as $info)
                {
                    if ($this->getSpecialTypeToChar($info['nSpecialType']) == 'P')
                    {
                        // nPremiumType selects how premium time is stored (0: PremiumExpire date,
                        // 1: PremiumType/PremiumDays columns, 2: PREMIUM_SERVICE table).
                        if ($this->m_settings['nPremiumType'] == 0)
                        {
                            // nPremiumDays is interpolated into SQL, but passed through intval() first.
                            $adb->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET PremiumExpire = (PremiumExpire + ' . intval($info['nPremiumDays']) . ') WHERE ' . ACCOUNT . ' = ? AND PremiumExpire IS NOT NULL AND DateDiff(dd, GetDate(), PremiumExpire) > 0 ', $_SESSION[CPD_ID]);
                            $adb->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET PremiumExpire = (GetDate() + ' . intval($info['nPremiumDays']) . ') WHERE ' . ACCOUNT . ' = ? AND (PremiumExpire IS NULL OR DateDiff(dd, GetDate(), PremiumExpire) <= 0)', $_SESSION[CPD_ID]);
                        }
                        else if ($this->m_settings['nPremiumType'] == 1)
                        {
                            $adb->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET PremiumType = 1, PremiumDays = ? WHERE ' . ACCOUNT . ' = ?', $cart->GetItemPDays($i), $_SESSION[CPD_ID]);
                        }
                        else if ($this->m_settings['nPremiumType'] == 2)
                        {
                            $adb->doQuery('SELECT strAccountID FROM PREMIUM_SERVICE WHERE strAccountID = ?', $_SESSION[CPD_ID]);
                            if ($adb->hasError())
                            {
                                continue;
                            }
                            else if (!$adb->hasRows())
                            {
                                $adb->doQuery('INSERT INTO PREMIUM_SERVICE (strAccountID, strType, nDays) VALUES (?, ?, ?)', $_SESSION[CPD_ID], 1, $cart->GetItemPDays($i));
                            }
                            else
                            {
                                $adb->doQuery('UPDATE PREMIUM_SERVICE SET strType = 1, nDays = nDays + ? WHERE strAccountID = ?', $cart->GetItemPDays($i), $_SESSION[CPD_ID]);
                            }
                        }
                    }
                    else
                    {
                        // NOTE(review): one WEB_ITEMMALL row per cart quantity per nQuantity, and each
                        // row also carries the cart quantity as ItemCount - confirm against how the
                        // game server consumes this table, as this looks like it can multiply the grant.
                        for ($x = 0; $x < $info['nQuantity']; $x++)
                        {
                            $gdb->doQuery('INSERT INTO WEB_ITEMMALL (strAccountID, strCharID, ServerNo, ItemID, ItemCount, BuyTime, img_file_name, strItemName, price, pay_type) VALUES(?, ?, ?, ?, ?, GetDate(), ?, ?, ?, ?)', $_SESSION[CPD_ID], $_SESSION[CPD_CH], intval($_SESSION[CPD_SI]), $info['nValue'], $cart->getItemQuantity($i), 'na', 'na', $cart->getItemPrice($i), 0);
                            if ($gdb->hasError())
                            {
                                $this->doError('DB_ERROR');
                                return;
                            }
                            $gdb->doQuery('INSERT INTO WEB_ITEMMALL_LOG (strAccountID, strCharID, ServerNo, ItemID, ItemCount, BuyTime, img_file_name, strItemName, price, pay_type) VALUES(?, ?, ?, ?, ?, GetDate(), ?, ?, ?, ?)', $_SESSION[CPD_ID], $_SESSION[CPD_CH], intval($_SESSION[CPD_SI]), $info['nValue'], $cart->getItemQuantity($i), 'na', 'na', $cart->getItemPrice($i), 0);
                        }
                    }
                }
            }
        }
        // Drop the trailing comma from the id / quantity lists.
        $packages = substr($packages, 0, strlen($packages) - 1);
        $quantities = substr($quantities, 0, strlen($quantities) - 1);
        $adb->doQuery('INSERT INTO STORE_PURCHASES (purchaseTime, strClientIP, strAccountID, strCharID, strItems, strQuantities, nCost) VALUES (GetDate(), ?, ?, ?, ?, ?, ?)', $this->getRemoteIP(), $_SESSION[CPD_ID], $_SESSION[CPD_CH], $packages, $quantities, $cart->getTotalCost());
        $_SESSION[CPD_MI] -= $cart->getTotalItems();
        if ($_SESSION[CPD_MI] < 0)
            $_SESSION[CPD_MI] = 0;
        $_SESSION[KNIGHT_CASH] -= $cart->getTotalCost();
        $adb->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET ' . KNIGHT_CASH . ' = ' . KNIGHT_CASH . ' - ? WHERE ' . ACCOUNT . ' = ?', $cart->getTotalCost(), $_SESSION[CPD_ID]);
        $cart->emptyCart();
        $this->doError('PUS_BUY_SUCCESS', NULL);
    }

    // Alias of getSpecialTypeToChar().
    function getSpecialType($nSpecialType)
    {
        return $this->getSpecialTypeToChar($nSpecialType);
    }

    // Renders the side-panel error template with the translated message for $error.
    // Also used for success / status messages (pass $title = NULL).
    function doError($error, $title = 'ERROR')
    {
        $this->loadTPL('pus-right-error', array('errmsg' => Template::GetLangVar($error), 'errtitle' => $title));
    }

    // Maps nSpecialType to the single-character type used by the cart: 3 -> 'P', anything else -> 'I'.
    function getSpecialTypeToChar($type)
    {
        switch ($type)
        {
            case 3: // Premium
                return 'P';
                break;
            default: // Item
                return 'I';
                break;
        }
    }
}
?>